Common Vulnerabilities and Exposures by NIST

CVE-2014-6851 N/A

2014-10-01 2014-10-01

The New Beginnings CFC (aka com.goodbarber.nbcfc) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6852 N/A

2014-10-01 2014-10-01

The LedLine.gr Official (aka com.automon.ledline.gr) application 1.4.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6853 N/A

2014-10-01 2014-10-01

The Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) application 2.2.0.0616 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6854 N/A

2014-10-01 2014-10-01

The EyeXam (aka com.globaleyeventures.eyexam) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6855 N/A

2014-10-01 2014-10-01

The Long (aka com.imop.longjiang.android) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-3395 N/A

2014-10-01 2014-10-01

Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to trigger the download of arbitrary files via a crafted URL, aka Bug ID CSCup10343.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6844 N/A

2014-09-30 2014-09-30

The ABC Song (aka com.tabtale.abcsingalong) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6845 N/A

2014-09-30 2014-09-30

The MediaFire (aka com.mediafire.android) application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-6846 N/A

2014-09-30 2014-09-30

The Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.android.ice) application @7F050007 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A